This blog is dedicated to the struggles of people everywhere to advance human progress and save this planet from the decline of capitalism. Its focus, since 2011 has been supporting the emerging revolutions everywhere.

Featured Post

Tuesday, June 6, 2017

Did The Intercept burn the messenger?

The Intercept has spent the better part of the past year saying that there was no concrete evidence that Russia has been interfering with the US elections, so they must have had mixed emotions about receiving a leaked NSA document that strongly indicates that they have been wrong, and that the Russian government has been very active in attempting to subvert democracy in the United States. John Schindler, a security expert and former National Security Agency analyst, summed it up this way:

The substance of what The Intercept reported leaves no doubt that GRU made serious efforts last summer and fall to influence our election.

This leak was published only days after Russian President Vladimir Putin speculated that "patriotic" Russian hackers operating outside of government control may have interfered with the US election. The idea that Putin allows Russian hackers to make international mischief on their own, or that pro-Russian hackers would risk operating outside of government control, is simply unbelievable. Did these same "patriotic hackers" also cause the current Gulf States crisis without Putin's input?

Reality Leigh Winner

Within hours of The Intercept publishing the documents it would later claim "contain unproven assertions and speculation designed to serve the government’s agenda," the FBI announced the arrest of Reality Leigh Winner as the leaker. She said she was tired of hearing media outlets say there was no concrete proof of Russian hacking, so she send them some. Apparently it was that simple, and not very well thought out. She exhibited no tradecraft whatsoever. She made the copies on the company printer, she used her office computer to email The Intercept. Now they've got the scoop, and she is looking at ten years hard time.

Why she chose to send it to The Intercept is as yet unclear. It wasn't the wisest choice, apparently The Intercept didn't do a good job of protecting their source in this case. Today The Intercept is saying:

On June 5 The Intercept published a story about a top-secret NSA document that was provided to us completely anonymously. Shortly after the article was posted, the Justice Department announced the arrest of Reality Leigh Winner, a 25-year-old government contractor in Augusta, Georgia, for transmitting defense information under the Espionage Act. Although we have no knowledge of the identity of the person who provided us with the document, the U.S. government has told news organizations that Winner was that individual.

While The Intercept is claiming to have no knowledge of the source of the leaked documents, other sources say Winner was easily identified as the leaker because she didn't bother to hide her identity in email contacts with The Intercept. The US Department of Justice, in its AFFIDAVIT IN SUPPORT OF ARREST OF REALITY LEIGH WINNER[I have made bold important selections to help you cut through the boilerplate.]states:

PROBABLE CAUSE

11. WINNER is a contractor with Pluribus International Corporation assigned to a U.S. Government Agency facility in Georgia. She has been employed at the facility since on or about February 13, 2017, and has held a Top Secret clearance during that time. As set forth in further detail below, on or about May 9, 2017, WINNER printed and improperly removed classified intelligence reporting, which contained classified national defense information and was dated on or about May 5, 2017 (the "intelligence reporting") from an Intelligence Community Agency (the "U.S. Government Agency") and unlawfully retained it. Approximately a few days later, WINNER then unlawfully transmitted the intelligence reporting to an online news outlet (the "News Outlet").12. On June I, 2017, the FBI was notified by the U.S. Government Agency that the U.S. Government Agency had been contacted by the News Outlet on May 30, 2017, regarding an upcoming story. The News Outlet informed the U.S. Government Agency that it was in possession of what it believed to be a classified document authored by the U.S. Government Agency. The News Outlet provided the U.S. Government Agency with a copy of this document. Subsequent analysis by the U.S. Government Agency confirmed that the document in the News Outlet's possession is the intelligence reporting. The intelligence reporting is classified at the Top Secret level, indicating that its unauthorized disclosure could reasonably result in exceptionally grave damage to the national security, and is marked as such. The U.S. Government Agency has since confirmed that the reporting contains information that was classified at that level at the time that the reporting was published on or about May 5, 2017, and that such information currently remains classified at that level.13. The U.S. Government Agency examined the document shared by the News Outlet and determined the pages of the intelligence reporting appeared to be folded and/or creased, suggesting they had been printed and hand-carried out of a secured space.14. The U.S. Government Agency conducted an internal audit to determine who accessed the intelligence reporting since its publication. The U.S. Government Agency determined that six individuals printed this reporting. WINNER was one of these six individuals. A further audit of the six individuals' desk computers revealed that WINNER had e-mail contact with the News Outlet. The audit did not reveal that any of the other individuals had e-mail contact with the News Outlet.

So, based on this affidavit, and othersources, after The Intercept received the classified document, they made a color copy of it and took to it back to the NSA for authentication and redaction advice. Apparently this copy was of sufficient fidelity that it allowed the NSA to determine what printer the original had been printed on. From there, it was simply a matter of checking the logs to find out who had printed it out lately. That was only a handful of employees. They knew The Intercept had received it. Then, probably, they made two lists: 1) who recently printed the doc?, and who recently emailed The Intercept? And the winner is...you can't make this stuff up; this is real life.

According to the DOJ, they could trace the document because it "appeared to be folded and/or creased, suggesting they had been printed and hand-carried out of a secured space." How they could possibly determine that from a copy is beyond me. This is most certainly a cover story for the fact that most, if not all, color printers put something like a digital microdot or "watermark" on every page they print.

I first learn about this little secret back in the 1980s by just applying for a top secret printer development job with Xerox. They liked to brag that their color copies were so good, the government demanded they take these steps to stop counterfeiters from using them. That secret encoding has other uses as well, as the world is now learning. The Electronic Frontier Foundation has taken a leading role in exposing the use of these secret codes in printers. In 2008 they produced this video:

Imagine that every time you printed a document it automatically included a secret code that could be used to identify the printer - and potentially the person who used it. Sounds like something from an episode of "Alias " right?

Unfortunately the scenario isn't fictional. In a purported effort to identify counterfeiters the US government has succeeded in persuading some color laser printer manufacturers to encode each page with identifying information. That means that without your knowledge or consent an act you assume is private could become public. A communication tool you're using in everyday life could become a tool for government surveillance. And what's worse there are no laws to prevent abuse.

The ACLU recently issued a report revealing that the FBI has amassed more than 1 100 pages of documents on the organization since 2001 as well as documents concerning other non-violent groups including Greenpeace and United for Peace and Justice. In the current political climate it's not hard to imagine the government using the ability to determine who may have printed what document for purposes other than identifying counterfeiters. More...

While The Intercept was careful to redact the information the NSA wanted removed before publication, they still reprinted this microdot information clear enough that knowledgeable people could spot and read them:

While it's good to know that your printer may be spying on you as a general principle, it is critical to know if you are printing anything you don't want traced back to you like, say, a ransom note, political flyer, or stolen NSA file. Winner can be forgiven for not knowing that; it would appear she did what she did for selfless reasons; and she will pay the price.

It's hard to feel so charitable about The Intercept. Given their staff and reputation, one would not expect them to be as naive as the 25 year old about the techniques used by our surveillance society, but whether in ignorance or bliss, it would seem that they took no effective measures to hide the source of the document before they showed it to the NSA. As John Schindler put it:

Schindler ends his Observer opinion piece NSA’s Latest Leak Debacle Explained by looking on the bright side, and then giving The Intercept the prize:

Regardless, Congress and the public have been energized by Reality Winner’s crime, and GRU cyber-meddling in our 2016 election is an issue which now must be addressed as a core part of KremlinGate. Perhaps that fact will comfort Winner in prison. But the real prize goes to The Intercept, which outed its golden source inside NSA in record time. Nobody in our Intelligence Community has ever been arrested for leaking spy secrets even before the leak goes public. That’s a record which seems likely to stand the test of time.

Schindler chalks up The Intercept's outing of their source to ineptitude. Maybe I am getting cynical in my old age, but I know how hard The Intercept worked to defeat Clinton last year and thereby elect Trump, and how protective they have been towards Poppa Putin. Catching this leaker quickly serves both Putin and Trump. Neither of them welcome this kind of leak; nor would the Intercept, for that matter, given their editorial line on the Russian hacking. All of this leads me to wonder: Did they just fumble the ball? Or did they intentionally burn the messenger?